mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2024-10-26 09:59:51 +03:00
Terminal is not bash, fixed chat feature.
This commit is contained in:
Ylian Saint-Hilaire
parent
e7a903b8ee
commit
078745b97a
@ -832,7 +832,13 @@ function createMeshCore(agent) {
|
|||||||
this.prependListener('end', function () { this.httprequest._term.end(function () { console.log('Terminal was closed'); }); });
|
this.prependListener('end', function () { this.httprequest._term.end(function () { console.log('Terminal was closed'); }); });
|
||||||
//this.httprequest.process = childProcess.execFile("%windir%\\system32\\cmd.exe");
|
//this.httprequest.process = childProcess.execFile("%windir%\\system32\\cmd.exe");
|
||||||
} else {
|
} else {
|
||||||
this.httprequest.process = childProcess.execFile("/bin/sh", ["sh"], { type: childProcess.SpawnTypes.TERM });
|
if (fs.existsSync("/bin/bash")) {
|
||||||
|
this.httprequest.process = childProcess.execFile("/bin/bash", ["bash", "-i"], { type: childProcess.SpawnTypes.TERM });
|
||||||
|
if (process.platform == 'linux') { this.httprequest.process.stdin.write("stty erase ^H\nalias ls='ls --color=auto'\nPS1='\\u@\\h:\\w\\$ '\nclear\n"); }
|
||||||
|
} else {
|
||||||
|
this.httprequest.process = childProcess.execFile("/bin/sh", ["sh"], { type: childProcess.SpawnTypes.TERM });
|
||||||
|
}
|
||||||
|
//if (this.httprequest.process == null) { }
|
||||||
this.httprequest.process.tunnel = this;
|
this.httprequest.process.tunnel = this;
|
||||||
this.httprequest.process.on('exit', function (ecode, sig) { this.tunnel.end(); });
|
this.httprequest.process.on('exit', function (ecode, sig) { this.tunnel.end(); });
|
||||||
this.httprequest.process.stderr.on('data', function (chunk) { this.parent.tunnel.write(chunk); });
|
this.httprequest.process.stderr.on('data', function (chunk) { this.parent.tunnel.write(chunk); });
|
||||||
@ -864,7 +870,6 @@ function createMeshCore(agent) {
|
|||||||
this.removeAllListeners('data');
|
this.removeAllListeners('data');
|
||||||
this.on('data', onTunnelControlData);
|
this.on('data', onTunnelControlData);
|
||||||
//this.write('MeshCore Terminal Hello');
|
//this.write('MeshCore Terminal Hello');
|
||||||
if (process.platform == 'linux') { this.httprequest.process.stdin.write("stty erase ^H\nalias ls='ls --color=auto'\nclear\n"); }
|
|
||||||
} else if (this.httprequest.protocol == 2) {
|
} else if (this.httprequest.protocol == 2) {
|
||||||
|
|
||||||
// Check user access rights for desktop
|
// Check user access rights for desktop
|
||||||
|
|||||||
2
agents/meshcore.min.js
vendored
2
agents/meshcore.min.js
vendored
File diff suppressed because one or more lines are too long
@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "meshcentral",
|
"name": "meshcentral",
|
||||||
"version": "0.3.5-l",
|
"version": "0.3.5-n",
|
||||||
"keywords": [
|
"keywords": [
|
||||||
"Remote Management",
|
"Remote Management",
|
||||||
"Intel AMT",
|
"Intel AMT",
|
||||||
|
|||||||
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
@ -2005,7 +2005,7 @@
|
|||||||
}
|
}
|
||||||
return desktop.m.handleKeys(e);
|
return desktop.m.handleKeys(e);
|
||||||
}
|
}
|
||||||
if (!xxdialogMode && xxcurrentView == 12 && terminal && terminal.State == 3) return terminal.m.TermHandleKeys(e);
|
if (!xxdialogMode && xxcurrentView == 12 && terminal && terminal.State == 3) { return terminal.m.TermHandleKeys(e); }
|
||||||
if (!xxdialogMode && ((xxcurrentView == 15) || (xxcurrentView == 115))) return agentConsoleHandleKeys(e);
|
if (!xxdialogMode && ((xxcurrentView == 15) || (xxcurrentView == 115))) return agentConsoleHandleKeys(e);
|
||||||
if (!xxdialogMode && xxcurrentView == 4) {
|
if (!xxdialogMode && xxcurrentView == 4) {
|
||||||
if (e.ctrlKey == true || e.altKey == true || e.metaKey == true) return;
|
if (e.ctrlKey == true || e.altKey == true || e.metaKey == true) return;
|
||||||
@ -2064,7 +2064,7 @@
|
|||||||
}
|
}
|
||||||
return desktop.m.handleKeyDown(e);
|
return desktop.m.handleKeyDown(e);
|
||||||
}
|
}
|
||||||
if (!xxdialogMode && xxcurrentView == 12 && terminal && terminal.State == 3) { return terminal.m.TermHandleKeyDown(e); }
|
if (!xxdialogMode && xxcurrentView == 12 && terminal && terminal.State == 3) { terminal.m.TermHandleKeyDown(e); if ((e.keyCode >= 37) && (e.keyCode <= 40)) { haltEvent(e); } }
|
||||||
if (!xxdialogMode && xxcurrentView == 13 && e.keyCode == 116 && p13filetree != null) { haltEvent(e); return false; } // F5 Refresh on files
|
if (!xxdialogMode && xxcurrentView == 13 && e.keyCode == 116 && p13filetree != null) { haltEvent(e); return false; } // F5 Refresh on files
|
||||||
if (!xxdialogMode && ((xxcurrentView == 15) || (xxcurrentView == 115))) { return agentConsoleHandleKeys(e); }
|
if (!xxdialogMode && ((xxcurrentView == 15) || (xxcurrentView == 115))) { return agentConsoleHandleKeys(e); }
|
||||||
if (!xxdialogMode && xxcurrentView == 4) {
|
if (!xxdialogMode && xxcurrentView == 4) {
|
||||||
@ -2098,7 +2098,7 @@
|
|||||||
}
|
}
|
||||||
return desktop.m.handleKeyUp(e);
|
return desktop.m.handleKeyUp(e);
|
||||||
}
|
}
|
||||||
if (!xxdialogMode && xxcurrentView == 12 && terminal && terminal.State == 3) return terminal.m.TermHandleKeyUp(e);
|
if (!xxdialogMode && xxcurrentView == 12 && terminal && terminal.State == 3) { return terminal.m.TermHandleKeyUp(e); }
|
||||||
if (!xxdialogMode && xxcurrentView == 13 && e.keyCode == 116 && p13filetree != null) { p13folderup(9999); haltEvent(e); return false; } // F5 Refresh on files
|
if (!xxdialogMode && xxcurrentView == 13 && e.keyCode == 116 && p13filetree != null) { p13folderup(9999); haltEvent(e); return false; } // F5 Refresh on files
|
||||||
if (!xxdialogMode && xxcurrentView == 4) { if ((e.keyCode === 8 && searchFocus == 0) || e.keyCode === 27) { return haltEvent(e); } }
|
if (!xxdialogMode && xxcurrentView == 4) { if ((e.keyCode === 8 && searchFocus == 0) || e.keyCode === 27) { return haltEvent(e); } }
|
||||||
if (xxdialogMode && e.keyCode == 27) { dialogclose(0); }
|
if (xxdialogMode && e.keyCode == 27) { dialogclose(0); }
|
||||||
|
|||||||
41
webserver.js
41
webserver.js
@ -489,7 +489,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
|
|
||||||
function handleLogoutRequest(req, res) {
|
function handleLogoutRequest(req, res) {
|
||||||
const domain = checkUserIpAddress(req, res);
|
const domain = checkUserIpAddress(req, res);
|
||||||
if ((domain == null) || (domain.auth == 'sspi')) return;
|
if ((domain == null) || (domain.auth == 'sspi')) { res.sendStatus(404); return; }
|
||||||
|
|
||||||
res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0' });
|
res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0' });
|
||||||
// Destroy the user's session to log them out will be re-created next request
|
// Destroy the user's session to log them out will be re-created next request
|
||||||
@ -619,7 +619,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
|
|
||||||
function handleLoginRequest(req, res) {
|
function handleLoginRequest(req, res) {
|
||||||
const domain = checkUserIpAddress(req, res);
|
const domain = checkUserIpAddress(req, res);
|
||||||
if (domain == null) return;
|
if (domain == null) { res.sendStatus(404); return; }
|
||||||
|
|
||||||
// Normally, use the body username/password. If this is a token, use the username/password in the session.
|
// Normally, use the body username/password. If this is a token, use the username/password in the session.
|
||||||
var xusername = req.body.username, xpassword = req.body.password;
|
var xusername = req.body.username, xpassword = req.body.password;
|
||||||
@ -738,7 +738,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
|
|
||||||
function handleCreateAccountRequest(req, res) {
|
function handleCreateAccountRequest(req, res) {
|
||||||
const domain = checkUserIpAddress(req, res);
|
const domain = checkUserIpAddress(req, res);
|
||||||
if ((domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap')) { res.sendStatus(401); return; }
|
if ((domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap')) { res.sendStatus(404); return; }
|
||||||
|
|
||||||
// Check if we are allowed to create new users using the login screen
|
// Check if we are allowed to create new users using the login screen
|
||||||
var domainUserCount = -1;
|
var domainUserCount = -1;
|
||||||
@ -911,7 +911,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
// Called to process an account reset request
|
// Called to process an account reset request
|
||||||
function handleResetAccountRequest(req, res) {
|
function handleResetAccountRequest(req, res) {
|
||||||
const domain = checkUserIpAddress(req, res);
|
const domain = checkUserIpAddress(req, res);
|
||||||
if ((domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap')) { res.sendStatus(401); return; }
|
if ((domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap')) { res.sendStatus(404); return; }
|
||||||
|
|
||||||
// Get the email from the body or session.
|
// Get the email from the body or session.
|
||||||
var email = req.body.email;
|
var email = req.body.email;
|
||||||
@ -975,7 +975,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
// Called to process a web based email verification request
|
// Called to process a web based email verification request
|
||||||
function handleCheckMailRequest(req, res) {
|
function handleCheckMailRequest(req, res) {
|
||||||
const domain = checkUserIpAddress(req, res);
|
const domain = checkUserIpAddress(req, res);
|
||||||
if ((domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap')) { res.sendStatus(401); return; }
|
if ((domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap')) { res.sendStatus(404); return; }
|
||||||
|
|
||||||
if (req.query.c != null) {
|
if (req.query.c != null) {
|
||||||
var cookie = obj.parent.decodeCookie(req.query.c, obj.parent.mailserver.mailCookieEncryptionKey, 30);
|
var cookie = obj.parent.decodeCookie(req.query.c, obj.parent.mailserver.mailCookieEncryptionKey, 30);
|
||||||
@ -1066,7 +1066,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
|
|
||||||
function handleDeleteAccountRequest(req, res) {
|
function handleDeleteAccountRequest(req, res) {
|
||||||
const domain = checkUserIpAddress(req, res);
|
const domain = checkUserIpAddress(req, res);
|
||||||
if ((domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap')) { res.sendStatus(401); return; }
|
if ((domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap')) { res.sendStatus(404); return; }
|
||||||
|
|
||||||
// Check if the user is logged and we have all required parameters
|
// Check if the user is logged and we have all required parameters
|
||||||
if (!req.session || !req.session.userid || !req.body.apassword1 || (req.body.apassword1 != req.body.apassword2) || (req.session.domainid != domain.id)) { res.redirect(domain.url); return; }
|
if (!req.session || !req.session.userid || !req.body.apassword1 || (req.body.apassword1 != req.body.apassword2) || (req.session.domainid != domain.id)) { res.redirect(domain.url); return; }
|
||||||
@ -1137,7 +1137,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
// Handle password changes
|
// Handle password changes
|
||||||
function handlePasswordChangeRequest(req, res) {
|
function handlePasswordChangeRequest(req, res) {
|
||||||
const domain = checkUserIpAddress(req, res);
|
const domain = checkUserIpAddress(req, res);
|
||||||
if ((domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap')) { res.sendStatus(401); return; }
|
if ((domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap')) { res.sendStatus(404); return; }
|
||||||
|
|
||||||
// Check if the user is logged and we have all required parameters
|
// Check if the user is logged and we have all required parameters
|
||||||
if (!req.session || !req.session.userid || !req.body.apassword0 || !req.body.apassword1 || (req.body.apassword1 != req.body.apassword2) || (req.session.domainid != domain.id)) { res.redirect(domain.url); return; }
|
if (!req.session || !req.session.userid || !req.body.apassword0 || !req.body.apassword1 || (req.body.apassword1 != req.body.apassword2) || (req.session.domainid != domain.id)) { res.redirect(domain.url); return; }
|
||||||
@ -1169,7 +1169,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
// Indicates that any request to "/" should render "default" or "login" depending on login state
|
// Indicates that any request to "/" should render "default" or "login" depending on login state
|
||||||
function handleRootRequest(req, res) {
|
function handleRootRequest(req, res) {
|
||||||
const domain = checkUserIpAddress(req, res);
|
const domain = checkUserIpAddress(req, res);
|
||||||
if (domain == null) return;
|
if (domain == null) { res.sendStatus(404); return; }
|
||||||
if (!obj.args) { res.sendStatus(500); return; }
|
if (!obj.args) { res.sendStatus(500); return; }
|
||||||
|
|
||||||
if ((domain.sspi != null) && ((req.query.login == null) || (obj.parent.loginCookieEncryptionKey == null))) {
|
if ((domain.sspi != null) && ((req.query.login == null) || (obj.parent.loginCookieEncryptionKey == null))) {
|
||||||
@ -1441,7 +1441,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
// Render the terms of service.
|
// Render the terms of service.
|
||||||
function handleTermsRequest(req, res) {
|
function handleTermsRequest(req, res) {
|
||||||
const domain = checkUserIpAddress(req, res);
|
const domain = checkUserIpAddress(req, res);
|
||||||
if (domain == null) return;
|
if (domain == null) { res.sendStatus(404); return; }
|
||||||
|
|
||||||
// See if term.txt was loaded from the database
|
// See if term.txt was loaded from the database
|
||||||
if ((parent.configurationFiles != null) && (parent.configurationFiles['terms.txt'] != null)) {
|
if ((parent.configurationFiles != null) && (parent.configurationFiles['terms.txt'] != null)) {
|
||||||
@ -1493,6 +1493,9 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
|
|
||||||
// Render the messenger application.
|
// Render the messenger application.
|
||||||
function handleMessengerRequest(req, res) {
|
function handleMessengerRequest(req, res) {
|
||||||
|
const domain = checkUserIpAddress(req, res);
|
||||||
|
if (domain == null) { res.sendStatus(404); return; }
|
||||||
|
|
||||||
var webRtcConfig = null;
|
var webRtcConfig = null;
|
||||||
if (obj.parent.config.settings && obj.parent.config.settings.webrtconfig && (typeof obj.parent.config.settings.webrtconfig == 'object')) { webRtcConfig = encodeURIComponent(JSON.stringify(obj.parent.config.settings.webrtconfig)); }
|
if (obj.parent.config.settings && obj.parent.config.settings.webrtconfig && (typeof obj.parent.config.settings.webrtconfig == 'object')) { webRtcConfig = encodeURIComponent(JSON.stringify(obj.parent.config.settings.webrtconfig)); }
|
||||||
res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0' });
|
res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0' });
|
||||||
@ -1608,7 +1611,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
// Handle user public file downloads
|
// Handle user public file downloads
|
||||||
function handleDownloadUserFiles(req, res) {
|
function handleDownloadUserFiles(req, res) {
|
||||||
const domain = checkUserIpAddress(req, res);
|
const domain = checkUserIpAddress(req, res);
|
||||||
if (domain == null) return;
|
if (domain == null) { res.sendStatus(404); return; }
|
||||||
if (obj.common.validateString(req.path, 1, 4096) == false) { res.sendStatus(404); return; }
|
if (obj.common.validateString(req.path, 1, 4096) == false) { res.sendStatus(404); return; }
|
||||||
var domainname = 'domain', spliturl = decodeURIComponent(req.path).split('/'), filename = '';
|
var domainname = 'domain', spliturl = decodeURIComponent(req.path).split('/'), filename = '';
|
||||||
if ((spliturl.length < 3) || (obj.common.IsFilenameValid(spliturl[2]) == false) || (domain.userQuota == -1)) { res.sendStatus(404); return; }
|
if ((spliturl.length < 3) || (obj.common.IsFilenameValid(spliturl[2]) == false) || (domain.userQuota == -1)) { res.sendStatus(404); return; }
|
||||||
@ -1708,7 +1711,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
// Download a file from the server
|
// Download a file from the server
|
||||||
function handleDownloadFile(req, res) {
|
function handleDownloadFile(req, res) {
|
||||||
const domain = checkUserIpAddress(req, res);
|
const domain = checkUserIpAddress(req, res);
|
||||||
if (domain == null) return;
|
if (domain == null) { res.sendStatus(404); return; }
|
||||||
if ((req.query.link == null) || (req.session == null) || (req.session.userid == null) || (domain == null) || (domain.userQuota == -1)) { res.sendStatus(404); return; }
|
if ((req.query.link == null) || (req.session == null) || (req.session.userid == null) || (domain == null) || (domain.userQuota == -1)) { res.sendStatus(404); return; }
|
||||||
const user = obj.users[req.session.userid];
|
const user = obj.users[req.session.userid];
|
||||||
if (user == null) { res.sendStatus(404); return; }
|
if (user == null) { res.sendStatus(404); return; }
|
||||||
@ -1721,7 +1724,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
// Upload a MeshCore.js file to the server
|
// Upload a MeshCore.js file to the server
|
||||||
function handleUploadMeshCoreFile(req, res) {
|
function handleUploadMeshCoreFile(req, res) {
|
||||||
const domain = checkUserIpAddress(req, res);
|
const domain = checkUserIpAddress(req, res);
|
||||||
if (domain == null) return;
|
if (domain == null) { res.sendStatus(404); return; }
|
||||||
if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid)) { res.sendStatus(401); return; }
|
if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid)) { res.sendStatus(401); return; }
|
||||||
const user = obj.users[req.session.userid];
|
const user = obj.users[req.session.userid];
|
||||||
if (user.siteadmin != 0xFFFFFFFF) { res.sendStatus(401); return; } // Check if we have mesh core upload rights (Full admin only)
|
if (user.siteadmin != 0xFFFFFFFF) { res.sendStatus(401); return; } // Check if we have mesh core upload rights (Full admin only)
|
||||||
@ -1746,7 +1749,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
// Upload a file to the server
|
// Upload a file to the server
|
||||||
function handleUploadFile(req, res) {
|
function handleUploadFile(req, res) {
|
||||||
const domain = checkUserIpAddress(req, res);
|
const domain = checkUserIpAddress(req, res);
|
||||||
if (domain == null) return;
|
if (domain == null) { res.sendStatus(404); return; }
|
||||||
if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid) || (domain.userQuota == -1)) { res.sendStatus(401); return; }
|
if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid) || (domain.userQuota == -1)) { res.sendStatus(401); return; }
|
||||||
const user = obj.users[req.session.userid];
|
const user = obj.users[req.session.userid];
|
||||||
if ((user.siteadmin & 8) == 0) { res.sendStatus(401); return; } // Check if we have file rights
|
if ((user.siteadmin & 8) == 0) { res.sendStatus(401); return; } // Check if we have file rights
|
||||||
@ -2097,7 +2100,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
// Handle the web socket echo request, just echo back the data sent
|
// Handle the web socket echo request, just echo back the data sent
|
||||||
function handleEchoWebSocket(ws, req) {
|
function handleEchoWebSocket(ws, req) {
|
||||||
const domain = checkUserIpAddress(ws, req);
|
const domain = checkUserIpAddress(ws, req);
|
||||||
if (domain == null) return;
|
if (domain == null) { res.sendStatus(404); return; }
|
||||||
ws._socket.setKeepAlive(true, 240000); // Set TCP keep alive
|
ws._socket.setKeepAlive(true, 240000); // Set TCP keep alive
|
||||||
|
|
||||||
// When data is received from the web socket, echo it back
|
// When data is received from the web socket, echo it back
|
||||||
@ -2218,7 +2221,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
// Handle a server backup request
|
// Handle a server backup request
|
||||||
function handleBackupRequest(req, res) {
|
function handleBackupRequest(req, res) {
|
||||||
const domain = checkUserIpAddress(req, res);
|
const domain = checkUserIpAddress(req, res);
|
||||||
if (domain == null) return;
|
if (domain == null) { res.sendStatus(404); return; }
|
||||||
if ((!req.session) || (req.session == null) || (!req.session.userid) || (obj.parent.args.noserverbackup == 1)) { res.sendStatus(401); return; }
|
if ((!req.session) || (req.session == null) || (!req.session.userid) || (obj.parent.args.noserverbackup == 1)) { res.sendStatus(401); return; }
|
||||||
var user = obj.users[req.session.userid];
|
var user = obj.users[req.session.userid];
|
||||||
if ((user == null) || ((user.siteadmin & 1) == 0)) { res.sendStatus(401); return; } // Check if we have server backup rights
|
if ((user == null) || ((user.siteadmin & 1) == 0)) { res.sendStatus(401); return; } // Check if we have server backup rights
|
||||||
@ -2250,7 +2253,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
// Handle a server restore request
|
// Handle a server restore request
|
||||||
function handleRestoreRequest(req, res) {
|
function handleRestoreRequest(req, res) {
|
||||||
const domain = checkUserIpAddress(req, res);
|
const domain = checkUserIpAddress(req, res);
|
||||||
if (domain == null) return;
|
if (domain == null) { res.sendStatus(404); return; }
|
||||||
if ((!req.session) || (req.session == null) || (!req.session.userid) || (obj.parent.args.noserverbackup == 1)) { res.sendStatus(401); return; }
|
if ((!req.session) || (req.session == null) || (!req.session.userid) || (obj.parent.args.noserverbackup == 1)) { res.sendStatus(401); return; }
|
||||||
const user = obj.users[req.session.userid];
|
const user = obj.users[req.session.userid];
|
||||||
if ((user == null) || ((user.siteadmin & 4) == 0)) { res.sendStatus(401); return; } // Check if we have server restore rights
|
if ((user == null) || ((user.siteadmin & 4) == 0)) { res.sendStatus(401); return; } // Check if we have server restore rights
|
||||||
@ -2266,7 +2269,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
// Handle a request to download a mesh agent
|
// Handle a request to download a mesh agent
|
||||||
obj.handleMeshAgentRequest = function (req, res) {
|
obj.handleMeshAgentRequest = function (req, res) {
|
||||||
const domain = checkUserIpAddress(req, res);
|
const domain = checkUserIpAddress(req, res);
|
||||||
if (domain == null) return;
|
if (domain == null) { res.sendStatus(404); return; }
|
||||||
|
|
||||||
// If required, check if this user has rights to do this
|
// If required, check if this user has rights to do this
|
||||||
if ((obj.parent.config.settings != null) && (obj.parent.config.settings.lockagentdownload == true) && (req.session.userid == null)) { res.sendStatus(401); return; }
|
if ((obj.parent.config.settings != null) && (obj.parent.config.settings.lockagentdownload == true) && (req.session.userid == null)) { res.sendStatus(401); return; }
|
||||||
@ -2512,7 +2515,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
// Handle a request to download a mesh settings
|
// Handle a request to download a mesh settings
|
||||||
obj.handleMeshSettingsRequest = function (req, res) {
|
obj.handleMeshSettingsRequest = function (req, res) {
|
||||||
const domain = checkUserIpAddress(req, res);
|
const domain = checkUserIpAddress(req, res);
|
||||||
if (domain == null) return;
|
if (domain == null) { res.sendStatus(404); return; }
|
||||||
//if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid)) { res.sendStatus(401); return; }
|
//if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid)) { res.sendStatus(401); return; }
|
||||||
|
|
||||||
// If required, check if this user has rights to do this
|
// If required, check if this user has rights to do this
|
||||||
@ -2552,7 +2555,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
// Handle a request for power events
|
// Handle a request for power events
|
||||||
obj.handleDevicePowerEvents = function (req, res) {
|
obj.handleDevicePowerEvents = function (req, res) {
|
||||||
const domain = checkUserIpAddress(req, res);
|
const domain = checkUserIpAddress(req, res);
|
||||||
if (domain == null) return;
|
if (domain == null) { res.sendStatus(404); return; }
|
||||||
if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid) || (req.query.id == null) || (typeof req.query.id != 'string')) { res.sendStatus(401); return; }
|
if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid) || (req.query.id == null) || (typeof req.query.id != 'string')) { res.sendStatus(401); return; }
|
||||||
var x = req.query.id.split('/');
|
var x = req.query.id.split('/');
|
||||||
var user = obj.users[req.session.userid];
|
var user = obj.users[req.session.userid];
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user